[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rails update

Hi,

On Mon, Jun 22, 2020 at 3:11 PM Sylvain Beucler <beuc@beuc.net> wrote:
> Hmm, are you the only active maintainer for rails?

There are 3 maintainers. CC'ed rails@p.d.o.
However, since you have already worked on preparing the fix for
Jessie, it's much easier on your part to do it for Stretch and Buster.
But that's volunteer work :)

If you don't want to work, don't :)

> Which security update broke what, exactly?

The latest security update from 5.2.4.2 to 5.2.4.3, which contained
fixes for CVE-2020-816{2,4,5,6,7}.
JavaScript bundle generation for Activestorage didn't work w/o that
patch. We had to switch to node-babel7 for that.


Best,
Utkarsh
Reply to: